/**
 * 当前操作用户 === 上传者 或 管理员
 * 修改/删除
 */
const PictureService = require('../../app/services/PictureService');
module.exports = async (req, res, next) => {
    let _client = await $client._get(req.headers['x-access-token']);

    if(_client.role_id == 0) {
        next();
    }else{
        let id = req.body.id || req.params.id;
    
        PictureService.findPic({ id }).then(response => {
            if(_client.name == response.user['dataValues'].userName) {
                next();
            }else{
                res.status(400).send({
                    code: 400,
                    msg: '没有操作权限.'
                })
            }
        }).catch(err => {
            res.status(500).send({
                code: 500,
                msg: '查询素材信息异常.'
            })
        });
    }
}
